<?php
session_start();

/**
 * Script used to update information about an element in the database 
 */

// Return json encoded data
header ('Content-type: application/json');

require_once '../core/db.php';

$_POST['carousel'] = true;
$_POST['content'] = '<div id="carousel_example-generic" class="carousel slide" data-ride="carousel"><ol class="carousel-indicators"><li data-target="#carouselexample-generic" data-slide-to="0" class="active"></li></ol><div class="carousel-inner"><div class="item active"><img src="http://www.clickreadshare.com/wp-content/uploads/bunny-on-a-bed-big.jpg"" alt="Karusellbilde_1"></div></div><a class="left carousel-control" href="#carousel-example-generic" data-slide="prev"><span class="glyphicon glyphicon-chevron-left"></span></a><a class="right carousel-control" href="#carousel-example-generic" data-slide="next"><span class="glyphicon glyphicon-chevron-right"></span></a></div> ';
$_POST['index'] = 1;
$_POST['page'] = 1;
$_POST['id'] = 33;

// Check if user owns this element:
$sql = 'SELECT siteUserId, pageId from siteElement WHERE elementId = ?';
$sth = $db->prepare ($sql);
$sth->execute (array ($_POST['id']));
$tmp= $sth->fetch (PDO::FETCH_ASSOC);
$ok = ($tmp['siteUserId']==$_SESSION['user']) ? 1:0;

// If user is logged in and own the element, insert new element:
if(isset($_SESSION['user']) && $ok==1) {
	if(isset($_POST['carousel'])) {
		$sql = 'UPDATE siteElement SET elementText=?, ';
	}
	else {
		$sql = 'UPDATE siteElement SET elementTitle=?, elementText=?, ';
	}
    if($_POST['index'] > 0) {
        $sql .= 'elementIndex=?, ';
    }
	if($_POST['page'] > 0) {
        $sql .= 'pageId=?, ';
    }
	if(isset($_POST['carousel'])) {
		$sql .= 'elementUpdated=? WHERE siteUserId=? AND elementId=?';
	}
	else {
		$sql .= 'showDate=?, elementUpdated=? WHERE siteUserId=? AND elementId=?';
	}
    $sth = $db->prepare ($sql);
    $date = date('Y-m-d H:i:s');
    
	if($_POST['page'] > 0 && $_POST['index'] > 0) {		// Execute with both index and page:
		if(isset($_POST['carousel'])) {
			$res = $sth->execute (array ($_POST['content'], $_POST['index'], $_POST['page'], $date, $_SESSION['user'], $_POST['id']));
		}
		else {
			$res = $sth->execute (array ($_POST['title'], $_POST['content'], $_POST['index'], $_POST['page'], $_POST['showDate'], $date, $_SESSION['user'], $_POST['id']));
		}
	}							
	else if($_POST['page'] > 0) {						// Execute with page:
		if(isset($_POST['carousel'])) {
			$res = $sth->execute (array ($_POST['content'], $_POST['page'], $date, $_SESSION['user'], $_POST['id']));
		}
		else {
			$res = $sth->execute (array ($_POST['title'], $_POST['content'], $_POST['page'], $_POST['showDate'], $date, $_SESSION['user'], $_POST['id']));
		}
	}
	else if($_POST['index'] > 0) {   					// Execute with the index:
		if(isset($_POST['carousel'])) {
			$res = $sth->execute (array ($_POST['content'], $_POST['index'], $date, $_SESSION['user'], $_POST['id']));
		}
		else {
			$res = $sth->execute (array ($_POST['title'], $_POST['content'], $_POST['index'], $_POST['showDate'], $date, $_SESSION['user'], $_POST['id']));
		}
    }
    else {												// Execute wothput index and page:
		if(isset($_POST['carousel'])) {
			$res = $sth->execute (array ($_POST['content'], $date, $_SESSION['user'], $_POST['id']));
		}
        else {
			$res = $sth->execute (array ($_POST['title'], $_POST['content'], $_POST['showDate'], $date, $_SESSION['user'], $_POST['id']));
		}
    }
	
    if ($res==1)
    	echo json_encode (array ('ok'=>'OK', 'message' => 'Elementet ble oppdatert.', 'id' => $tmp['pageId']));
    else
    	echo json_encode (array ('message'=>'Kunne ikke oppdatere elementet i databasen.'));
} 
else {
    echo json_encode (array ('message'=>'Du kan ikke redigere et element uten å eie det og/eller være logget inn.'));
}
?>